Cybersecurity incidents have surged, with supply chain attacks, government bans, and AI-driven threats dominating the latest reports. This detailed breakdown examines key events, including the TeamPCP hack on Checkmarx GitHub Actions, the US ban on foreign-made routers, escalating tax and AI scams, a ransomware attack on Foster City, and a Meta AI data leak.
Supply Chain Attacks: TeamPCP Expands Reach Beyond Trivy Compromise
Threat actor TeamPCP has compromised two Checkmarx GitHub Actions workflows—*checkmarx/ast-github-action* and *checkmarx/kics-github-action*—using stolen CI credentials. The group deployed a credential-stealing malware targeting SSH keys, cloud provider secrets, Kubernetes, Docker, and CI/CD configurations. Exfiltrated data was sent to *checkmarx[.]zone* as an encrypted archive (*tpcp.tar.gz*). Sysdig researchers noted the attack leveraged typosquat domains to evade detection, while trojanized VS Code extensions were distributed via OpenVSX. The attackers used GitHub PATs with write access to further poison repositories. Checkmarx confirmed no customer data was exposed but urged vigilance for organizations using affected artifacts between March 23, 2026, 02:53–15:41 UTC.
Government Interventions: US Bans Foreign-Made Routers Over Security Risks
The Federal Communications Commission (FCC) has banned all new foreign-made consumer-grade routers, citing national security threats. The decision follows evidence of routers being exploited in three major cyberattacks linked to Chinese state-sponsored actors. The ban applies to new device models, though existing routers remain operational. Manufacturers must now disclose foreign influence and submit plans to relocate production to the US for conditional approval. Popular brands like TP-Link and Netgear are affected, except for Starlink routers. The FCC emphasized risks of IP theft, espionage, and infrastructure disruption via compromised routers. See more details in the related url.
AI and Tax Scams
The FTC and IRS warn of a 30% increase in tax-related scams, driven by AI-powered impersonation. Top threats include IRS impersonation, identity theft, and elderly targets. Scammers use AI to create convincing false voices and videos to impersonate family, friends, or officials. These deepfake scams can lead to significant financial loss. Victims should report theft via [IdentityTheft.gov] and monitor credit reports. The Electronic Privacy Information Center (EPIC) warns against costly identity monitoring services. Local police reports may aid future restitution claims. See more details in the related url. The supply chain attack also highlights how sophisticated attackers can manipulate software to steal sensitive data. The FCC ban on foreign routers shows that cybersecurity threats are not limited to software. The global cybersecurity threat landscape includes a variety of attacks that can compromise both individuals and organizations. As the next chapter will discuss, ransomware attacks are another major threat that can disrupt essential services and expose sensitive data.
Ransomware Attack: Foster City Declares Emergency
Foster City, California, declared a state of emergency after a ransomware attack disrupted municipal systems, including police and 911 services. The attack, detected on March 20, 2026, forced offline city networks, email, and phone lines. Officials are working with state/federal cybersecurity agencies and independent specialists to investigate the breach, which may have exposed personal data. Residents who interacted with the city are advised to change passwords and monitor accounts. The incident echoes a 2023 Oakland attack where employee data was leaked on the dark web. See more details in the related url.
Final words
The convergence of supply chain vulnerabilities, state-sponsored threats, AI exploitation, and financial fraud demands a multi-layered defense strategy. Stay updated via CISA, FTC Alerts, and IC3 Reports.